From 4aa5a765bd8fc51e57b5053335966b9e3b51c281 Mon Sep 17 00:00:00 2001 From: keramida Date: Wed, 12 Jul 2006 18:12:11 +0000 Subject: When securelevel is >= 1, /dev/io may not be opened at all (not just for write). Update the securelevel description to match this. Reported by: Alexandros Kosiaris MFC after: 3 days --- share/man/man7/security.7 | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'share/man') diff --git a/share/man/man7/security.7 b/share/man/man7/security.7 index 4ec330e..8a3aee3 100644 --- a/share/man/man7/security.7 +++ b/share/man/man7/security.7 @@ -548,11 +548,12 @@ All devices may be read or written subject to their permissions. Secure mode \- the system immutable and system append-only flags may not be turned off; disks for mounted file systems, -.Pa /dev/mem , -.Pa /dev/kmem +.Pa /dev/mem and +.Pa /dev/kmem +may not be opened for writing; .Pa /dev/io -(if your platform has it) may not be opened for writing; +(if your platform has it) may not be opened at all; kernel modules (see .Xr kld 4 ) may not be loaded or unloaded. -- cgit v1.1